Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

A new Data Days event is coming soon! This time we’re going bigger than ever. Fabric, Power BI, SQL, AI and more. Don't miss out.

oussamahaimoud

RLS testing UI (Test RLS roles directly in the service without publishing workarounds)

Submitted by Solution Sage on ‎05-17-2026 04:03 PM

Hi Team,

Hope you are doing well!

 

Now:

Testing Row-Level Security today requires publishing to production first. There is no safe way to validate who sees what before going live. Misconfigured roles are only discovered after the fact, a direct governance and compliance risk.

 

GOAL :

A native testing pane inside the Power BI Service where developers can simulate any role, impersonate a specific user by email, and immediately see which rows and tables are accessible, without touching the live environment.

Three capabilities: role simulation without publishing, per-table access visibility, and an automated assertion suite that flags regressions whenever the data model changes.

 

Why ?

Security incidents caused by misconfigured RLS are entirely preventable. This feature makes them so. It also reduces the time developers spend on manual validation cycles from hours to minutes, and provides compliance teams with a formal, exportable audit record of every validation session.

 

Thank you for considering this, I believe it would be a great addition to the Fabric and power bi experience

Status: New
See more ideas labeled with:
1 Comment (1 New)
Comments
ThornKevin
Advocate I
Advocate I
‎05-19-2026 03:12 PM
Waiting since forever for such a feature. Would love to get at least something comparable to Azure RBAC Permission evaluator UI: - Select EntraID User, Group or Identity - Evaluate all roles across hierarchy (in this case, data domain, workspace, Lakehouse item, OneLakeSecurity Object plus CLS or RLS restrictions) Especially to push usage of directLake mode while using multiple lakehouses as source for visuals is a nightmare. No chance to validate if a user is able to see all visuals. In our case, there is one Lakehouse with 20 OneLakeSecurity roles and each has 60 tables assigned where all of them have RLS Rules defined. No chance to test this…..